Hi all –
I have a small bare-metal web server that I want to run with Ubuntu Pro with fips-updates, and I’m having some difficulties with the deployment phase. It’s Ubuntu 22.04, no desktop environment.
What I did was, I did the initial install on the “inside” network at my facility, NAT’d out to the world, and everything went fine, I was able to encrypt the file systems and attach to the Ubuntu Pro subscription, and enable the ESM and FIPS-update services I wanted, and then do all the regular non-pro-related configuration of populating and configuring the various services.
The “deployment” process consisted of pulling out the hard drives, and putting them in to the already-existing production system, and editing the network configuration to reflect the changed IP address.
This worked fine for the server, it booted fine, decrypted everything correctly, and is happily serving web apges.
But it apparently broke the pro attachment. I was able to re-attach it but now it says that the FIPS-updates are disabled, but the system is configured as if they were enabled – it’s got the relevant entries in /etc/apt/sources.list.d/ubuntu-fips-updates.list, for instance, and it’s currently running a FIPS kernel.
apt update works normally, it seems to hit the FIPS resources, but then when I do apt upgrade, it complains that available FIPS packages are “not found”.
I’m a bit reluctant to just blindly do pro enable fips-updates, since some of the configuration is already in place.
My questions are, how do I recover from this, and what was I supposed to do?
What I would like is a way to re-enable fips-updates without re-configuring it. The enablement dialog warns it might make the system unbootable, but it’s now in production, that would obviously be very bad.
Ubuntu Version:
22.04
Desktop Environment (if applicable):
None
Problem Description:
Re-homed system is getting “not found” errors on fips-updates packages, and pro status reports fips-updates is not enabled.
Relevant System Information:
Production web server, poor venue for experimentation
What I’ve Tried:
Not a great deal – mostly looking for clarity about how much danger I am in.